John-Mark, Thanks. It's working, and now I have a better understanding. I was not sure if "Thanks" replies were preferred. They can clutter up conversations and mailing lists.
Scott Weber scotty2...@gmail.com On Mon, Dec 28, 2020 at 4:12 PM John-Mark Gurney <j...@funkthat.com> wrote: > Scott Weber wrote this message on Mon, Dec 28, 2020 at 09:15 -0600: > > First correct me if I'm wrong, but the protocol seems to use a PKI, but > not > > certificates. So the public/private exchange is used to generate the > > symmetric key, like SSL, but there is no requirement for a CA. > > Correct, the host has a public/private key pair, and the user MAY have > a key pair for authentication as well... > > > Now connecting as a client, the > > function libssh2_userauth_publickey_fromfile(...) > > requires BOTH the public and private key. > > Why? > > Having both keys out in the wild seems to be a serious security risk. > > This is the user's key... The key maybe encrypted, which is why the > passphrase is an argument. If the client doesn't have access to the > user's private key, it cannot sign a statement that the server uses to > verify the public key in .ssh/authorized_keys file... > > Note: there is a mode that allows a CA to sign certs that can be used, > but it is not commonly used, but does have some interesting improvements > security wise. > > > Also, I've done some testing, and it appears that only the private key is > > needed. I can NULL out the public key. (and yet the function name is " > > ... publickey_fromfile" ) > > Again, why? > > Also, I'm looking at the man page, and I believe that this doc is wrong > (from docs/libssh2_userauth_password_ex.3): > publickey - Path name of the public key file. > (e.g. > /etc/ssh/hostkey.pub). If libssh2 is built against OpenSSL, this > option > can be set to NULL. > > privatekey - Path name of the private key file. (e.g. > /etc/ssh/hostkey) > > those e.g. should be ~/.ssh/id_rsa.pub and ~/.ssh/id_rsa.. Though it > could be other names as well.. > > The likely reason the public key can be NULL'd out is that the private key > either contains the public key, or the public key can easily be derived > from the private key (and it is often safest to do so)... > > > I have both keys also on the linux server, but it appears (via the conf) > > that the server only uses the public key. > > It would seem that putting the public key "out in the wild" and keeping > the > > private key on the server is the normal step, at least when creating SSL > > handshakes. > > I think you may have been confused by the above docs, but you are correct > that the host private key should NOT be used, and even if you did, it > would not work... > > > Would it function if I placed the private key in the authorized_keys file > > on the server, and used the public key on the client? > > No, it would not. > > Hope this helps. > > -- > John-Mark Gurney Voice: +1 415 225 5579 > > "All that I will do, has been done, All that I have, has not." > _______________________________________________ > libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel >
_______________________________________________ libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
